Modifying existing malicious software until malware scanners misclassify it as clean is an attractive technique for cybercriminals. In particular, fully automatizing the process can bring adversaries to generate faster effective threats. Recent studies suggest that injecting successful malware modifications could lead to corrupt executable files despite of detection. Therefore, we propose ARMED - Automatic Random Malware Modifications to Evade Detection. Best Presentation Award.
Recommended citation: R. Labaca-Castro, C. Schmitt, G. Dreo Rodosek: ARMED: How Automatic Malware Modifications Can Evade Static Detection? 5th International Conference on Information Management (ICIM), Cambridge, UK, March 2019.